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The Claims: 

This listing of claims will replace all prior versions, and listings, oF claims in the application: 

Listing of Claims: 
1.-46. (cancelled) 

47. (new): 

A method for secure in-band management of a network device that provides routing and 
forwarding services, the method comprising: 

configaring a virtual private network (VPN) for the network device; 

Jinking the VPN to a source of management commands; 

using the VPN to carry management traffic from the source of management commands to 
the network device; and 

using the network device to forward management traffic to a management port of the 
network device through a VPN module. 

48. (new); 

The method of claim 47 wherein the network device includes a routing and forwarding 
module and a management VPN module coupled to the routing and forwarding module. 
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49. (new): 

Hie method of claim 47 wherein the network device is one of a network switch, a network 
bridge, a network hub, and a network gateway. 

50. (new): 

The method of claim 47 wherein the network device can perform one of Internet Protocol (IP) 
services, Multiprotocol Label Switching (MPLS) services, and Asynchronous Transfer Mode 
(ATM) services. 

51. (new): 

The method of claim 47 wherein the source of management commands is one of a 
management device and a management function, 

52. (new): 

A network device that provides routing and forwarding services for a data network, the 
network device comprising: 

a routing and forwarding module to forward data received from the data network on an 
input data link to an output data link in accordance with source and destination 
information contained in the data; 

a router configuration module to perform management operations for the network device; 

a management port coupled to the router configuration module to receive management 
commands for the router configuration module; 
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a management VPN module coupled to the routing and forwarding module and to the 

management port, the management VPN module to provide management commands to 

the management port from a virtuaJ private network (VPN) that uses a tunneling protocol 

on the data network to deliver the management commands to the routing and forwarding 

module. 

53. (new): 

The network device o f claim 52 wherein the network device is one of a network switch, a 
network bridge, a network hub, and a network gateway. 

54. (new): 

The network device of claim 52 wherein the network device can perform one of Internet 
Protocol (IP) services, Multiprotocol Label Switching (MPLS) services, and Asynchronous 
Transfer Mode (ATM) services. 

55. (new): 

The network device of claim 52 wherein the source of management commands is one of a 
management device and a management function. 

56. (new): 

A network device that provides routing and forwarding services, the network device 
comprising: 

means for configuring a virtual private network (VPN) for the network device; 
means for linking the VPN to a source of management commands; 
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means for using the VPN to carry management traffic from the source of management 

commands to the network device; and 

means for using the network device to forward management traffic to a management port 
of the network device through a VPN module. 

57. (new): 

The network device of claim 56 wherein the means for using the network device to forward 
management traffic to a management port of the network device through a VPN module 
includes a routing and forwarding module and a management VPN module coupled to the 
routing and forwarding module. 

58. (new): 

The network device of claim 56 wherein the network device is one of a network switch, a 
network bridge, a network hub, and a network gateway. 

59. (new): 

The network device of claim 56 wherein the network device can perform one of Internet 
Protocol (IP) services. Multiprotocol Label Switching (MPLS) services, and Asynchronous 
Transfer Mode (ATM) services. 

60. (new): 

The network device of claim 56 wherein the source of management commands is one of a 
management device and a management function. 
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61. (new): 

A machine-readable medium providing instructions, which if executed by a processor, cause 
the processor to perform an operation comprising: 

con figuring a virtual private network (VPN) for a network device; 

linking the VPN to a source of management commands; 

using the VPN to cany management traffic from the source of management commands to 
the network device; and 

using the network device to forward management traffic to a management port of the 
network device through a VPN module. 

62. (new): 

The machine-readable medium of claim 61 wherein the network device includes a routing 
and forwarding module and a management VPN module coupled to the routing and 
forwarding module. 

63. (new): 

The machine-readable medium of claim 61 wherein the network device is one of a network 
switch, a network bridge, a network hub, and a network gateway. 

64. (new): 

The machine-readable medium of claim 61, further providing instructions, which if executed 
by the processor, further cause the processor to perform an operation comprising one of 
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performing Internet Protocol (IP) services, performing Multiprotocol Label Switching 

(MPLS) services, and performing Asynchronous Transfer Mode (ATM) services. 

65. (new): 

The machine-readable medium of claim 61 wherein the source of management commands is 
one of a management device and a management function. 

66. (new): 

A data network comprising: 

a plurality of network devices that provide routing and forwarding services for the data 
network; 

a source of management commands transmitted to the plurality of network devices using 
a virtual private network (VPN) that uses a tunneling protocol on the data network; 

wherein each of the plurality of network devices includes 

a routing and forwarding module to forward data received from the data network on 
an input data link to an output data link in accordance with source and destination 
information contained in the data; 

a router configuration module to perform management operations for the network 
device; 

a management port coupled to the router configuration module to receive 
management commands for the router configuration module; 
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a management VPN module coupled to the routing and forwarding module and to the 

management port, the management VPN module to provide management commands 

to the management port from the source of management commands. 

67. (new): 

The data network of claim 66 wherein each of the plurality of network devices is one of a 
network switch, a network bridge, a network hub, and a network gateway. 

68. (new): 

The data network of claim 66 wherein the plurality of network devices can perform one of 
Internet Protocol (IP) services, Multiprotocol Label Switching (MPLS) services, and 
Asynchronous Transfer Mode (ATM) services. 

69. (new): 

The data network of claim 66 wherein the source of management commands is one of a 
management device and a management function. 
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